Applications use connection strings to specify credentials used to access databases. If the application includes unvalidated user input in connection strings, an attacker might be able to change what...